To successfully pursue its activities The Reference needs to process personal data about individuals. These can include customers, job seekers, journalists, vendors, suppliers, stakeholders, subcontractors, competitors, Alumni and other people the organization has a relationship with or may need to contact.
The Reference is committed to respect the rights of the people whose personal data is being processed. Therefore, The Reference complies with data protection regulations such as the General Data Protection Regulation (“GDPR”) and national laws of the countries in which it operates.
The Reference also complies with the Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. The Reference has certified to the Department of Commerce that it adheres to the Privacy Shield Principles.
This privacy statement describes which personal data we collect, why we do it, how long we keep it and the rights you can exercise with regard to your personal data. It applies to all personal data submitted to The Reference via the website, by email, or by any other means.
The Reference NV, registered at 70 Stapelplein, 9000 Ghent (Belgium), under number BE 0474.475.203 (hereinafter: “The Reference”) is the controller, as it determines the means and purposes of the processing of your personal data.
Personal data we collect about you
If possible, we will try to collect the personal data directly from the person concerned. However, it may be necessary to collect personal data from third parties in the context of future relationships (e.g. customers or candidates).
I. Information you provide us:
- contact form filled out by you (website): name, email, company, phone, and message;
- job applications (website or via recruitment company): application forms, CV, interview notes and related recruitment information;
- your feedback
- content of correspondence with us (by email, phone or letters);
- subscription newsletter (website form)
- information from social media when you link to our website (online)
- information relating to your use of our products or services
- contact details of past, present and future customers
- contact details of past, present and future suppliers, vendors, investors or other partners
II. Information we may automatically collect if you visit our website:
- technical information, including IP address, browser type and version
- cookies and other technologies
III. Use of children’s data:
The Reference does not knowingly collect, process or store any personal data about children under the age of 16 and we do not offer any products or services directly to children under the legally allowed age. Where we knowingly have collected data of children, we will delete them immediately by erasing the data completely from our database.
IV. Finally, information collected on our site may be stored and processed into anonymous statistics or log files for internal use, such as traffic and profile analysis.
In general, we may have to process all categories of personal data to comply with applicable legal or regulatory requirements, relevant industry standards and our policies, and for litigation or defence of claims.
- customers’ and prospects’ personal data: We use your personal data for the performance of your contract(s) with The Reference. In particular we process your personal data to deliver and provide our products or services and to invoice them, as well as for the execution and analysis of market surveys and marketing strategies. We also use your contact details to further inform you about our products and services that are in line with our already existing relationship and for marketing such as offering promotions.
- Suppliers’, vendors, customers and partners’ personal data: We process your personal data to conclude and execute our agreements and manage our relationships.
- Job seekers’ data: Your personal data are stored for the recruitment and selection procedures. More specifically, your personal data are processed for the purposes of assessing your profile and skills to fit a job and making you specific job offers.
Subject to your explicit consent, we will use your contact details to send you our newsletter. We also may use the personal data in other ways, for which we provide specific notice at the time of collection.
Retention of your personal data
Your personal data is kept in our information systems only for as long as is necessary for the purposes for which it was collected (as described above). It will be deleted once it is no longer needed by us and once all requirements at law have been met.
We will retain and use your personal data for as long as reasonably necessary to perform our agreements or to consider tenders, to comply with our legal obligations (such as accounting and tax obligations) and to resolve disputes or enforce our agreements. Therefore, your personal data will be held during the duration of our contractual relationship and up to 10 years thereafter.
Application forms (CV’s), interview notes and references of unsuccessful candidates are kept for a period of 2 years following the closure of the hiring process. After that, when we would like to stay in contact with an applicant who was not chosen for the job he/she applied for we will ask for his/her consent to keep the cv in our application pool for another 2 years. This data will be timestamped in the database from the moment of entry, to be able to adequately handle it after the correct period.
In all cases personal data may be kept for a longer period of time where there is a legal or regulatory reason to do so, or a shorter period where the individual objects to the processing of their personal data and there is no longer a legitimate purpose to retain it.
The Reference only processes your personal data if at least one of these grounds applies:
- For the preparation or performance of a contract.
- In order to comply with the legal and regulatory obligations to which we are subject.
- For legitimate business interests, in which case we always seek to strike a balance between that interest and respecting your privacy.
- If none of the above, where we have your explicit consent.
Transfer to third parties
The Reference does not transfer your personal data to third parties, except:
- to our legal successors and affiliated companies within Emakina Group, for the same purposes as specified in this Privacy Statement.
- to subcontractors and third parties for the purpose of the performance of a contract that we hold with them or that we hold with you.
- to third party service providers who perform services on our behalf to help us with our business activities. These service providers are limited to only using your personal data as instructed to carry out their tasks.
- when permitted or required by applicable law or regulatory requirements.
- to law enforcement authorities or other government officials.
- to other third parties with your consent. In this case, the consent will be explicitly asked when you enter or send your data.
THE REFERENCE shall in no case be liable, if it proves that it is not responsible for the event giving rise to the damage.
Transfer to third countries
When we transfer your personal data to other countries, outside of the European Economic Area, The Reference will take measures to ensure that your personal data is exclusively processed in accordance with this Privacy Statement and that adequate levels of protection have been implemented in order to safeguard your personal data. These arrangements can include Binding Corporate Rules for transfers within the Emakina Group, standard contractual clauses or approved certification mechanisms.
In accordance with the GDPR, The Reference will respond to your requests in the GDPR mandated time to exercise following rights:
- Right to be informed: The Reference is transparent by providing you any information relating to the processing of your personal data via this privacy statement or specific information notices at the time of collection.
- Right to access: You have the right to request a copy of the personal data that The Reference holds about you. We may require proof of identity before fulfilling such requests.
- Right to rectification: If the personal data that The Reference holds about you is inaccurate or incomplete, you have the right to ask us to update or rectify it.
- Right to be forgotten: You have the right to request The Reference to erase all your personal data. We will delete your personal data without undue delay if we do not have any legal reason or legitimate purpose to continue to process it.
- Right to restrict processing: In some specific cases, you have the right to ask The Reference to restrict how we process your personal data. This means we are permitted to store the data but not further process it.
- Right to data portability: This right only applies to personal data that you have provided to The Reference, based on consent or for the performance of a contract. The Reference will provide your personal data in a structured, commonly used and machine-readable format to be able to transmit it to another controller, or have it directly transmitted by The Reference if technically feasible.
- Right to object: You have the right to object to the processing of your personal data if the processing is based on the legitimate interest of The Reference or on public interest. The Reference will discontinue the processing of your personal data, unless we can demonstrate compelling legitimate grounds for the processing which override your interests or rights, or for the establishment, exercise or defence of legal claims.
- Right to withdraw consent: Where your consent was required for the collection or use of your personal data, you have the right to withdraw your consent at any time. For example, you may choose to stop receiving our newsletter by following the unsubscribe instructions included in the emails.
- Right to lodge a complaint: You have the right to lodge a complaint with the supervisory authority (in Belgium: Gegevensbeschermingsautoriteit) if you consider that the processing of your personal data infringes this Privacy Statement or the GDPR.
You can exercise your rights by sending a request by email to email@example.com or by post to The Reference, Stapelplein 70, 9000 Ghent, Belgium.
The Reference has security policies and procedures in place to protect your personal data from unauthorized loss, misuse, alteration or destruction. Despite our best efforts, however, security cannot be absolutely guaranteed against all threats.
To the best of our ability, The Reference has taken steps to ensure the ongoing confidentiality, integrity, availability, and resilience of systems and services processing personal information. These actions may include physical security measures, network security measures, and organizational measures such as confidentiality clauses and restricted access.
Limitations of responsability
The Reference website contains links to other websites, whether owned or controlled by Emakina Group' affiliates or unrelated third parties. The Reference is not responsible for the privacy policies and practices of such linked websites.
Dispute resolution and arbirtation
If you reside within the EU, any inquiries or complaints regarding The Reference's compliance with the Privacy Shield program should be sent to the email and postal address set forth above. The Reference will respond within 45 days. In compliance with the Privacy Shield Principles, The Reference commits to resolve complaints about our collection or use of your personal information. EU individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Thomas Lepouttre at: firstname.lastname@example.org. The Reference has further committed to cooperate with the panel established by the EU data protection authorities (DPAs) with regard to unresolved Privacy Shield complaints concerning data transferred from the EU. Under certain conditions, individuals may be able to invoke binding arbitration before the Privacy Shield Panel jointly created by the U.S. Department of Commerce and the European Commission.
Federal Trade Commission enforcement
The Reference US is subject to the investigatory and enforcement powers of the Federal Trade Commission with respect to its compliance with the EU-U.S. Privacy Shield Framework.
User names and email addresses (as well as any additional information that a user may choose to post) are publicly available on the The Reference website, unless a user elects to "opt-out" of such display of personal information. However, in cases where users voluntarily and publicly disclose personal information, which may contain Personal Data, it is his sole responsibility. Surveys and Resulting Information: Subject to the foregoing, The Reference may conduct surveys or other studies of its customer base and usage for marketing and planning purposes. Participation in such surveys is at the user's option; The Reference does not conduct mandatory surveys.
With respect to information collected from such surveys or studies, and in the event that responses are to be publicly disclosed, users will be notified at the time they take the survey and The Reference will disclose only aggregate information regarding its users and not personal information identifying any specific individual. Circumstances under which The Reference would publicly disclose such aggregate information include, but are not limited to, sharing survey results with the site population, providing data to The Reference's advertisers on user preferences and/or demographics, and publicizing overall usage data in press communications.
Notwithstanding the foregoing, in cases where surveys allow users to submit written comments, and where The Reference advises users of the possibility of such disclosure at the time they take the survey, The Reference reserves the right to disclose text information provided by any user through such a survey, provided that no personal information identifying that user is disclosed.
Changes to our Privacy Statement
The Reference may change this Privacy Statement from time to time to reflect new legal or regulatory obligations, or in response to new data processing activities. Where the changes are significant we may choose to send an e-mail to all our registered users with the new details. Any such changes will be posted here and will be effective from the time they are communicated, or, if required, when we have obtained your consent. We advise you to check back frequently to see any updates or changes. This Privacy Statement was last reviewed June 28, 2021.